<?php 
defined('RUN_KATANA') or die('Restricted access');
class AccessAdmin
{
	public $Info;
	public $Error;
	public $JsActionRun;
	
	public function AccessAdmin()
	{
		self::runPreActions();
		self::runPostActions();
	}
	
	public function runPreActions()
	{
		global $commander;
		global $ac;
		switch($commander->getPostAction())
		{
			case 'list_user':
				if((($_POST['new_username'] != '') || ($_POST['new_email'] != '')) && ($_POST['new_password'] != '') && ($_POST['new_password2'] != ''))
				{ $ac->addUser($_POST['new_username'], $_POST['new_password'], $_POST['new_email']); }
				if($_POST['activate'] > 0)
				{ $commander->setTableActive($_POST['activate'], 'users', 1); }
				if($_POST['deactivate'] > 0)
				{ $commander->setTableActive($_POST['deactivate'], 'users', 0); }
				if($_POST['del_item_id'] > 0)
				{ self::deleteUser($_POST['del_item_id']); }
				$ac->loadUsers();
				return;
			break;
			
			case 'list_user_group':
				if($_POST['new_item_title'] != '')
				{ self::addUserGroup($_POST['new_item_title']); }
				if($_POST['activate'] > 0)
				{ $commander->setTableActive($_POST['activate'], 'user_groups', 1); }
				if($_POST['deactivate'] > 0)
				{ $commander->setTableActive($_POST['deactivate'], 'user_groups', 0); }
				if($_POST['del_item_id'] > 0)
				{ self::deleteUserGroup($_POST['del_item_id']); }
				return;
			break;
			
			case 'list_access_level':
				if($_POST['new_item_title'] != '')
				{ self::addAccessLevel($_POST['new_item_title']); }
				if($_POST['activate'] > 0)
				{ $commander->setTableActive($_POST['activate'], 'user_access_levels', 1); }
				if($_POST['deactivate'] > 0)
				{ $commander->setTableActive($_POST['deactivate'], 'user_access_levels', 0); }
				if($_POST['del_item_id'] > 0)
				{ self::deleteAccessLevel($_POST['del_item_id']); }
				return;
			break;
		}
	}
	
	public function runPostActions()
	{
		global $db;
		global $commander;
		global $ac;
		
		switch ($_POST['action'])
		{
			//List-Editor group actions
			case 'list_user':
				if(count($_POST['user_id']) > 0)
				{
					$i = 0;
					foreach($_POST['user_id'] as $id)
					{
						if(isset($ac->Users[$id]))
						{
							if($_POST['user_username'][$i] != $ac->Users[$id]->getUsername())
							{ 
								$ac->Users[$id]->setUsername($commander->formatText($_POST['user_username'][$i]));
								$ac->Users[$id]->setDataChanged(true);
							}
							if($_POST['user_email'][$i] != $ac->Users[$id]->getEmail())
							{ 
								$ac->Users[$id]->setEmail($_POST['user_email'][$i]);
								$ac->Users[$id]->setDataChanged(true);
							}
							if($_POST['user_level'][$i] != $ac->Users[$id]->getLevel())
							{ 
								$ac->Users[$id]->setLevel(intval($_POST['user_level'][$i]));
								$ac->Users[$id]->setDataChanged(true);
							}
							if($_POST['user_group'][$i] != $ac->Users[$id]->getGroup())
							{ 
								$ac->Users[$id]->setGroup(intval($_POST['user_group'][$i]));
								$ac->Users[$id]->setDataChanged(true);
							}
							if(intval($_POST['PartnerStatus'][$i]) != $ac->Users[$id]->getPartnerStatus())
							{ 
								//echo $id.' Changed status from:'.$ac->Users[$id]->getPartnerStatus().' to:'.$_POST['PartnerStatus'][$i];
								if($ac->Users[$id]->getPartnerStatus() < intval($_POST['PartnerStatus'][$i]))
								{ $ac->Users[$id]->setPartnerStatusDateStart(date('Y-m-d')); }
								if(intval($_POST['PartnerStatus'][$i]) == 0)
								{ 
									$ac->Users[$id]->setPartnerStatus(0);
									$ac->Users[$id]->setPartnerStatusDateStart('0000-00-00');
									$ac->Users[$id]->setDataChanged(true);
								}
								else
								{
									$ac->Users[$id]->upgradePartnerStatus(intval($_POST['PartnerStatus'][$i]));
									$ac->Users[$id]->setDataChanged(true);
								}
							}
							$ac->Users[$id]->saveUser();
						}
						$i++;
					} //End foreach
					if($_POST['selected'])
					{
						foreach($_POST['selected'] as $id)
						{
							if(isset($ac->Users[$id]))
							{
								if($_POST['activate'] == '-1')
								{
									$ac->Users[$id]->setActive(1);
									$commander->setTableActive($id, 'users', 1); 
								}
								if($_POST['deactivate'] == '-1')
								{
									$ac->Users[$id]->setActive(0);
									$commander->setTableActive($id, 'users', 0); 
								}
							}
						}
					}
				}
			break;
			
			case 'list_user_group':
				if((count($_POST['user_group_id']) > 0) && ($ac->getUserGroups()))
				{
					$i = 0;
					foreach($_POST['user_group_id'] as $id)
					{
						if(isset($ac->UserGroups[$id]))
						{
							if($_POST['user_group_title'][$i] != $ac->UserGroups[$id]->getTitle())
							{ 
								$ac->UserGroups[$id]->setTitle($commander->formatText($_POST['user_group_title'][$i]));
								$ac->UserGroups[$id]->setDataChanged(true);
							}
							if($_POST['user_group_level'][$i] != $ac->UserGroups[$id]->getLevel())
							{ 
								$ac->UserGroups[$id]->setLevel(intval($_POST['user_group_level'][$i]));
								$ac->UserGroups[$id]->setDataChanged(true);
							}
							$ac->UserGroups[$id]->update();
						}
						$i++;
					} //End foreach
					if($_POST['selected'])
					{
						foreach($_POST['selected'] as $id)
						{
							if(isset($ac->UserGroups[$id]))
							{
								if($_POST['activate'] == '-1')
								{
									$ac->UserGroups[$id]->setActive(1);
									$commander->setTableActive($id, 'user_groups', 1); 
								}
								if($_POST['deactivate'] == '-1')
								{
									$ac->UserGroups[$id]->setActive(0);
									$commander->setTableActive($id, 'user_groups', 0); 
								}
							}
						}
					}
				}
			break;
			
			case 'list_access_level':
				if((count($_POST['access_level_id']) > 0) && ($ac->getAccessLevels()))
				{
					$i = 0;
					foreach($_POST['access_level_id'] as $id)
					{
						if(isset($ac->AccessLevels[$id]))
						{
							if($_POST['access_level_title'][$i] != $ac->AccessLevels[$id]->getTitle())
							{ 
								$ac->AccessLevels[$id]->setTitle($commander->formatText($_POST['access_level_title'][$i]));
								$ac->AccessLevels[$id]->setDataChanged(true);
							}
							if($_POST['access_level_level'][$i] != $ac->AccessLevels[$id]->getLevel())
							{ 
								$ac->AccessLevels[$id]->setLevel($_POST['access_level_level'][$i]);
								$ac->AccessLevels[$id]->setDataChanged(true);
							}
							$ac->AccessLevels[$id]->update();
						}
						$i++;
					} //End foreach
					if($_POST['selected'])
					{
						foreach($_POST['selected'] as $id)
						{
							if(isset($ac->AccessLevels[$id]))
							{
								if($_POST['activate'] == '-1')
								{
									$ac->AccessLevels[$id]->setActive(1);
									$commander->setTableActive($id, 'user_access_levels', 1); 
								}
								if($_POST['deactivate'] == '-1')
								{
									$ac->AccessLevels[$id]->setActive(0);
									$commander->setTableActive($id, 'user_access_levels', 0); 
								}
							}
						}
					}
				}
			break;
			//List-Editor brand actions end
			
			//Editor actions
			case 'editor_user_group':
				if((is_object($shop->getCurrentProvider())) && ($shop->getCurrentProviderId() > 0))
				{
					if(stripslashes($_POST['title']) !== $ac->CurrentUserGroup->getTitle())
					{ 
						$ac->CurrentUserGroup->setTitle($commander->formatText($_POST['title'])); 
						$ac->CurrentUserGroup->setDataChanged(true);
					}
					if(stripslashes($_POST['title_import']) != $ac->CurrentUserGroup->getTitleImport())
					{ 
						$ac->CurrentUserGroup->setTitleImport($commander->formatAlias($_POST['title_import']));
						$ac->CurrentUserGroup->setDataChanged(true);
					}
					
					if(intval($_POST['add_user_id']) > 0)
					{  $ac->CurrentUserGroup->addUser(intval($_POST['add_user_id'])); }
					if(intval($_POST['rem_user_id']) > 0)
					{ $ac->CurrentUserGroup->remUser(intval($_POST['rem_user_id'])); }
					
					$ac->CurrentUserGroup->Update();
				}
			break;	
			
			case 'editor_user':
				if($ac->getCurrentUserId() > 0)
				{
					if(is_object($ac->getCurrentUser()))
					{
						$params = array();
						foreach(array_keys($_POST) as $key)
						{
							if($ac->varExsists($key, $ac->CurrentUser))
							{
								switch($key)
								{
									case 'Username':
									case 'Email':
										if($commander->formatText($_POST[$key]) !== $ac->CurrentUser->__call('get'.$key))
										{
											$params[$key] = $commander->formatText($_POST[$key]);
											$ac->CurrentUser->setDataChanged(true);
										}
									break;
									case 'Level':
									case 'Group':
										if(intval($_POST[$key]) !== $ac->CurrentUser->__call('get'.$key))
										{
											$params[$key] = intval($_POST[$key]);
											$ac->CurrentUser->setDataChanged(true);
										}
									break;
									case 'PartnerStatus':
										if(intval($_POST[$key]) !== $ac->CurrentUser->__call('get'.$key))
										{
											if($ac->CurrentUser->getPartnerStatus() < intval($_POST[$key]))
											{ $ac->CurrentUser->setPartnerStatusDateStart(date('Y-m-d')); }
											$ac->CurrentUser->upgradePartnerStatus(intval($_POST[$key]));
											$ac->CurrentUser->setDataChanged(true);
										}
									break;
								}
							}
						}
						if(count($params) > 0)
						{ $ac->CurrentUser->setValues($params); }
						//print_r($ac->CurrentUser);
						$ac->CurrentUser->saveUser();
					}
				}
			break;
		}
	}
	
	
	function addUserGroup($title)
	{
		global $commander;
		$title = $commander->formatText($title);
		if($title != '')
		{
			$sql  = 'INSERT INTO '.DB_PERFIX.'user_groups (`title`)'; 
			$sql .= 'VALUES ("'.$title.'");';
			$result = mysql_query($sql);
		}
	}
	
	function deleteUserGroup($id)
	{	
		if($id > 0)
		{	
			$sql = 'UPDATE '.DB_PERFIX.'users SET group=0 WHERE group='.intval($id).';';
			$result = mysql_query($sql);
			$sql = 'DELETE FROM '.DB_PERFIX.'user_groups WHERE id='.intval($id).' LIMIT 1;';
			$result = mysql_query($sql);
			return;
		}
	}
	
	function addAccessLevel($title)
	{
		global $commander;
		$title = $commander->formatText($title);
		if($title != '')
		{
			$sql  = 'INSERT INTO '.DB_PERFIX.'user_access_levels (`title`)'; 
			$sql .= 'VALUES ("'.$title.'");';
			$result = mysql_query($sql);
		}
	}
	
	function deleteAccessLevel($id)
	{	
		if($id > 0)
		{	
			$sql = 'UPDATE '.DB_PERFIX.'users SET level=0 WHERE level='.intval($id).';';
			$result = mysql_query($sql);
			$sql = 'DELETE FROM '.DB_PERFIX.'user_access_levels WHERE id='.intval($id).' LIMIT 1;';
			$result = mysql_query($sql);
			return;
		}
	}
}
?>